10 May 2023

EXCLUSIVE: Hackers steal patient records from Apunipima Cape York Health Council

| Matt Nicholls
Start the conversation

Apunipima Cape York Health Council’s McCoombe St offices in Bungalow, Cairns.

UPDATE: 3.55pm

APUNIPIMA Cape York Health Council has confirmed this afternoon it has been a victim of a cyber security breach.

After Cape York Weeklybroke the story this morning, Apunipima was caught scrambling to make a public statement.

It released a statement at 3.45pm today:

Apunipima (an Aboriginal Community Controlled Health Organisation) recently became aware of a cyber security incident where a third party gained unauthorised access to the Apunipima I.T. environment and possibly downloaded some information.

We are also aware of a post on the ‘deep web’ (a part of the internet not listed by search engines like Google or easily accessible by the general public) by an unidentified third party, claiming responsibility for the unauthorised access. We are being supported by leading external advisors to closely monitor this post and we are taking all appropriate actions in response.

As soon as we became aware of the incident, we engaged leading external cyber security and forensic I.T. experts to support us in managing the incident, securing our systems, restoring system functionality, and commencing a forensic investigation into what had occurred.

We do not yet have an expected timeline for system functionality restoration, however our I.T. teams are working around the clock to achieve this, supported by our leading external advisors and experts.

Our number one priority is the continuity of care and health services to the people and communities we serve. Per our business continuity plan, we have transitioned to manual processes, which are working effectively.

We are working closely with Queensland Health and other Cape York based service providers to ensure the continued provision of high-quality health and community services to the people and communities we serve.

We have proactively notified the Australian Cyber Security Centre (ACSC) and relevant law enforcement authorities of the incident, and we will continue to liaise with them and take their advice.

We are advised that the forensic investigation to determine what precisely has occurred and if any information has been affected, will take some time to complete.

Should the forensic investigation confirm that anyone’s personal information may have been affected, we will carefully analyse the potentially affected information for the purpose of notifying individuals in a clear and precise manner, including advising them of any steps they need to take. We will ensure all relevant regulators and authorities are notified and kept informed in this regard.

Apunipima is a not-for-profit organisation serving predominantly Aboriginal and Torres Strait Islander people and communities across Cape York and surrounding geographies, and we are deeply saddened that a third-party would target our organisation in this way.

We thank the people and communities we support for their support and patience while we resolve this issue and work to ensure the continuity of high-quality safe health and community services.

Should any members of the community have questions or concerns, they can contact Apunipima via phone on 07 4037 7240 or via email at [email protected] and we will respond to their enquiries as soon as possible.

Please note: Apunipima will continue to post updates and advice to this website in relation to the incident as our investigation progresses.

UPDATE 1.10pm:When contacted by Cape York Weekly, Queensland Health Minister Yvette D’Ath refused to comment.

UPDATE 11.30am:Torres and Cape Hospital and Health Service chief executive Bev Hamerton has released this statement:

“The Torres and Cape Hospital and Health Service is working closely with Apunipima Cape York Health Council as Apunipima investigates a cyber-attack on their information systems.

“Apunipima is still working to determine the extent of the attack on their systems.

“As a precaution, the Torres and Cape Hospital and Health Service has severed all electronic links with Apunipima and all staff have been advised to beware of any phishing attempts.

“Business continuity plans have been activated to ensure clinical care is not impacted.

“Backup systems have been put in place to provide alternative and secure non-digital access to patient information where access to previously shared information systems is no longer available.

“Following a close review by Queensland Health’s CyberSecurity Group, no breaches or direct risk to Torres and Cape HHS or broader Queensland Health information systems have been identified at this time.

“Should a breach occur, Torres and Cape HHS will respond to any breaches, notify impacted health consumers, and ensure continuity of clinical services.

“The Torres and Cape HHS and the CyberSecurity Group will continue to monitor the situation and liaise with Apunipima and provide support as required.

“Queensland Health has robust cyber security and clinical measures in place to prevent, detect and respond to any malicious cyber-attacks.

“Health consumers can contact 13 HEALTH (13 43 25 84) if they have any questions.”

ORIGINAL STORY

POSTED: 9.40am PATIENT records of Cape York residents have allegedly been stolen by hackers in a major security breach of Apunipima Cape York Health Council.

Cape York Weekly can exclusively reveal that patient data was accessed in a ransomware attack on Apunipima this week.

The health body has yet to inform its patients of the breach, nor made a public statement on the matter.

Apunipima provides health care in Aurukun, Coen, Hope Vale, Horn Island, Kowanyama, Laura, Lockhart River, Mapoon, Mossman Gorge, Napranum, Pormpuraaw, Wujal Wujal and the five communities in the Northern Peninsula Area.

It’s believed the hack was orchestrated by LockBit.

According to anti-virus software company Kaspersky, LockBit ransomware is malicious software designed to block user access to computer systems in exchange for a ransom payment.

“LockBit will automatically vet for valuable targets, spread the infection, and encrypt all accessible computer systems on a network,” Kaspersky said.

“This ransomware is used for highly targeted attacks against enterprises and other organisations. As a self-piloted cyberattack, LockBit attackers have made a mark by threatening organisations globally.”

Cape York Weekly understands Apunipima has until Tuesday morning to pay the ransom. The amount was not made publicly available.

An Apunipima representative said the health body was working on a public statement.

Torres and Cape Hospital and Health Service shares some patient data with Apunipima and is also putting together a public statement, although has distanced itself from Apunipima’s breach.

In an email addressed by TCHHS chief executive Bev Hamerton and the head of TCHHS’ digital services, Torres and Cape warned staff of opening any emails from Apunipima.

“The Torres and Cape Hospital and Health Service is working closely with Apunipima Cape York Health Council as they investigate a suspected ransomware attack on their information systems,” the staff email said.

“Apunipima is still working to determine the extent of the attack.

“Staff are urged to be cautious if they have received any emails reporting to be from Apunipima. “Please do not open any attachments, or click on any links in the e-mail.

“Please contact (email removed) and use the PhishMe button or follow – Report a suspicious email – Cyber Security.

“A Cyber Security incident is currently being investigated by eHealth. There is not believed to be any risk to TCHHS or broader Queensland Health information systems at this time, but TCHHS and the CyberSecurity Group will continue to monitor the situation and provide support to Apunipima as required.”

More to come.

Start the conversation

Cape York Weekly

Subscribe to get the latest edition of Cape York Weekly in your inbox each Monday.

By submitting your email address you are agreeing to Cape York Weekly's terms and conditions and privacy policy.